Tuesday, April 15, 2014

Threat update #14

A study of surveillance carried out by eavesdropping on web cookies.

Friday, March 21, 2014

Threat update #13

XML-RPC functionality in WordPress (and probably other CMS tools) is used for DDoS attacks.

Saturday, March 15, 2014

Threat update #12

Attack on SSL by hacking the CA and creating rogue certificates.

Tuesday, March 4, 2014

Monday, January 27, 2014

BKMs #1: Disabling SELinux

To temporarily disable SELinux enforcement on CentOS/Red Hat EL (the setting lasts until the next reboot), run:

# echo 0 > /selinux/enforce

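To make the change persist across reboots, run the following, which switches the configured mode from enforcing to permissive (denials are still logged but no longer blocked):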

# sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
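A check for the change described above, as an added example that is not part of the original post: it compares the runtime mode with the persistent setting so that hosts left permissive or disabled stand out in an audit. The function names, the first-match parsing of SELINUX=, and treating a missing enforce file as "disabled" are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit SELinux runtime vs. config.

# Print the configured mode from a config file, lowercased.
# Assumption: the first line starting with SELINUX= is the effective one.
# Prints "unset" when no such line exists or the file cannot be read.
selinux_config_mode() {
    mode=$(sed -n 's/^SELINUX=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$1" 2>/dev/null \
        | head -n 1 | tr 'A-Z' 'a-z')
    echo "${mode:-unset}"
}

# Print the runtime mode from an enforce file (/selinux/enforce in the post).
# Assumption: a missing file means selinuxfs is not mounted, reported as disabled.
selinux_runtime_mode() {
    if [ ! -r "$1" ]; then
        echo disabled
        return
    fi
    case "$(cat "$1")" in
        1) echo enforcing ;;
        0) echo permissive ;;
        *) echo unknown ;;
    esac
}

# Report OK only when both runtime and config are enforcing.
# $1 = enforce file, $2 = config file. Returns 0 for OK, 1 for a finding.
selinux_audit() {
    runtime=$(selinux_runtime_mode "$1")
    config=$(selinux_config_mode "$2")
    if [ "$runtime" = enforcing ] && [ "$config" = enforcing ]; then
        echo "OK runtime=$runtime config=$config"
        return 0
    fi
    echo "FINDING runtime=$runtime config=$config"
    return 1
}

# Usage on a host: selinux_audit /selinux/enforce /etc/selinux/config
```

A host where only the echo command was run reports runtime=permissive with config=enforcing, which reverts to enforcing at the next reboot.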

Sunday, January 26, 2014

Threat update #10

Excellent overview and analysis of Stuxnet and the whole 'Olympic Games' campaign. Good reading that complements the very detailed technical analysis of this malware.

Thursday, January 9, 2014

Exercises for CSIRTs

Good training materials from ENISA for developing incident response skills.